Website Malware Removal – FTP Tips & Tricks

Update 9/9/16:

We released a new guide that provides better instructions on how to clean a hacked WordPress site using the Free WordPress security plugin.

2016 Guide on How to Clean a Hacked WordPress Site

When you clean as many sites as we do every day you start to come up with little tricks that help expedite the process, here is one where you can use FTP to your advantage.

This post will cover two features in FileZilla that any novice can quickly employ:

• Using Filters
• Using Comparisons

For those wondering I’m running FileZilla on MAC OS, version 3.6.0. But this goes back a couple different versions, it’s not a new feature. If you’re not the type who feels confident cleaning your own site, remember that we detect malware, fix hacks and prevent it from occurring regardless of platform (Ex: WordPress, Joomla, Drupal, or something else).

Filter Out the Noise

This is perhaps the coolest little tool. From time to time we have to download sites, although we prefer to work remotely, its inevitable. When we do we have to filter out all the non-essential data, not doing so would add way too much time to the entire process. Some sites like to bloat themselves with images and videos and backup zips – you get the point. So how to get around that?

Glad you asked….

Regardless of what OS you’re running it on you should be able to find your Filename and Filters option. If you’re on a MAC it’s in your View menu.

When it opens follow these steps:

1. Click Edit Filter Rules
2. Click New
3. Enter a name where it says New Filter
4. Click Ok

You should now see a screen like this:

Now you can use the same rules I use:

Be sure to change the filter condition to Filter out items matching none of the following and be sure to unclick Directories at the bottom – has a tendency to break things. It should now look something like this:

Now click Ok and on the following screen be sure to apply the filter to both local and remote filters like this:

Now click Apply and you should be off the races. You don’t need a screen shot of how to press Apply do you?

Become One With Comparisons

If you have read some of our other posts you have undoubtedly heard us reference the DIFF command in linux. Some might find yourself perplexed because you don’t know how to operate in the command line environment or dont have terminal access. Not to worry, FileZilla has another little tool that can prove very beneficial.

If on a MAC, find your View menu again and look for Directory Comparison. It’ll look something like this:

As you can see, you have two options:

• Compare filesize
• Compare modification time

You even have the option to Hide Identical Files very useful if you’re trying to do away with all the noise. Here is an example.

I have my local environment and test site, looking at the modification time I see this:

Using this method, I can quickly see what is missing and unique in each location – local and remote. I can see I have an installation in my local but not in the remote. I can see that I have includes2 and libraries2 in my remote but not in my local. I can also see that the install.php was modified in later than the the one in my local environment.

If you have any questions or concerns about this post leave us a comment or send us an email at info@sucuri.net. If you really could care less about cleaning this up yourself just sign up with our service and we’ll get you going.